ClearTech Loop: In the Know, On the Move

AI Security: Matt Sharp on Shadow AI, NHIs, and AI Defense

April 7, 2026
AI Security: Matt Sharp on Shadow AI, NHIs, and AI Defense

Download Transcript (pdf)

In this episode of ClearTech Loop, Jo Peterson speaks with Matt Sharp, Chief Information Security Officer at Xactly, about three issues that are quickly becoming central to enterprise AI security: shadow AI, non human identities, and AI defense. Matt’s work focuses on security, trust, and AI governance in environments where AI is becoming core to both the business and the product. He is also a venture advisor at YL Ventures and co author of The CISO Evolution.  

As AI adoption accelerates, organizations are being pushed to balance innovation, governance, identity, and risk at the same time. This conversation explores how security and IT leaders are addressing unsanctioned AI use, where NHI risk begins to escalate, and why AI defense is broader and more operationally complex than many organizations realize.  

Watch the Episode 

Watch or listen to this episode of ClearTech Loop to hear Matt Sharp’s full perspective on shadow AI, non human identities, and the evolving reality of AI defense. 

Episode Highlights 

Shadow AI is both an IT and a security issue 

Matt Sharp makes the case that shadow AI cannot be treated as a single team’s problem. It touches software investment, user behavior, governance, and data exposure all at once. In the discussion, he describes shadow AI as a co owned issue for IT and security, especially when organizations are trying to guide employees toward approved tools while limiting risk from unsanctioned platforms.  

NHIs are raising the stakes on identity governance 

The conversation also examines how non human identities are evolving inside environments where authorization was already difficult to manage. Matt points to long standing challenges with role based access control and explains why risk increases as agents begin acting with more autonomy and less direct connection to a designated human identity. 

AI defense is bigger than a single category 

When asked what comes to mind with the term AI defense, Matt does not reduce it to one toolset or one use case. Instead, he frames it across workforce productivity tools, browser extensions, IDEs, local models, SaaS platforms, third party risk, and internal data environments. The result is a broader picture of AI defense as a visibility, control, and platform strategy challenge across the enterprise. 

About Matt Sharp 

Matt Sharp is the Chief Information Security Officer at Xactly. His background includes cybersecurity leadership, venture advising, and authorship, with a focus on aligning security, governance, and business outcomes. Public profiles and published materials describe his work at the intersection of AI governance, enterprise trust, and business aligned cybersecurity leadership.  

Why This Episode Matters 

AI governance is no longer a future planning exercise. It is an operating requirement. 

This episode is especially relevant for CIOs, CISOs, security leaders, and technology executives navigating the realities of enterprise AI adoption. From shadow AI and unsanctioned tool use to NHI enablement and the expanding meaning of AI defense, the discussion highlights how quickly governance, identity, and risk are becoming leadership issues rather than isolated technical concerns. 

Key Takeaways 

  • Shadow AI is not just a policy problem. It is also a tooling, investment, and data governance issue.  
  • NHIs are emerging inside identity models that many organizations never fully solved in the first place.  
  • AI defense now spans internal tools, vendor platforms, third party risk, and platformstrategy decisions.  

Additional Resources